Compliance, The Elephant in the Room

Large corporations are no strangers to the threat of data breaches. However, SMBs are also at risk and likewise must be in compliance with security regulations. Given the recent increase in cyber attacks, it has never been more important to guard against security risks.

Not sure where to start? Here is a quick rundown of two major regulations you should be aware of.

Payment Card Industry Data Security Standard (PCI DSS) – If you accept major credit cards, you must comply with PCI DSS in an effort to protect cardholder data. Detailed information can be found here.

Federal Information Processing Standard Publication 140-2 (FIPS 140-2) – Applies to any commercial systems used to protect the confidentiality of data moving across networks. For more information, refer to the National Institute of Standards and Technology website.

It is your responsibility as a business owner to be in compliance with all regulations that apply to your company. The best thing you can do is to maintain visibility into your IT infrastructure, data activity, and data accessibility at all times.

If you are out of compliance, or worse, suffer a data breach, the consequences are severe. In addition to facing substantial fines, you may lose the trust of your customers and employees and need to provide a service, like credit monitoring, to work towards gaining it back. You may also be subject to lawsuits, bank fines to repay stolen credit card purchases, audits, lost revenue, and a damaged reputation.